Make generate-jitsi-passwords.sh less magical
This commit is contained in:
parent
e36fe54974
commit
1b27e0f812
|
@ -23,18 +23,16 @@ Add this to your `inventory/host_vars/matrix.DOMAIN/vars.yml` configuration:
|
||||||
|
|
||||||
```yaml
|
```yaml
|
||||||
matrix_jitsi_enabled: true
|
matrix_jitsi_enabled: true
|
||||||
|
|
||||||
|
# Run `bash inventory/scripts/generate-jitsi-passwords.sh` to generate these passwords,
|
||||||
|
# or define your own strong passwords manually.
|
||||||
|
matrix_jitsi_jicofo_component_secret: ""
|
||||||
|
matrix_jitsi_jicofo_auth_password: ""
|
||||||
|
matrix_jitsi_jvb_auth_password: ""
|
||||||
|
matrix_jitsi_jibri_recorder_password: ""
|
||||||
|
matrix_jitsi_jibri_xmpp_password: ""
|
||||||
```
|
```
|
||||||
|
|
||||||
## Securing your Jitsi instance with strong passwords
|
|
||||||
|
|
||||||
Please use the bash script provided in this repo to generate strong passwords for your Jitsi instance.
|
|
||||||
Execute the following commands in your terminal from the root of this repo:
|
|
||||||
```bash
|
|
||||||
cd inventory/scripts
|
|
||||||
bash generate-jitsi-passwords.sh
|
|
||||||
```
|
|
||||||
|
|
||||||
The script will add the corresponding ansible variables and passwords generated with `openssl rand -hex 16` to the bottom of your `inventory/host_vars/matrix.DOMAIN/vars.yml` configuration.
|
|
||||||
|
|
||||||
## (Optional) configure internal Jitsi authentication and guests mode
|
## (Optional) configure internal Jitsi authentication and guests mode
|
||||||
|
|
||||||
|
|
|
@ -2,38 +2,14 @@
|
||||||
# This is a bash script for generating strong passwords for the Jitsi role in this ansible project:
|
# This is a bash script for generating strong passwords for the Jitsi role in this ansible project:
|
||||||
# https://github.com/spantaleev/matrix-docker-ansible-deploy
|
# https://github.com/spantaleev/matrix-docker-ansible-deploy
|
||||||
|
|
||||||
# This script assumes that you followed the documentation at https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/master/docs/configuring-playbook.md and created a folder in the source code's directory like this: 'mkdir inventory/host_vars/matrix.<your-domain>'
|
|
||||||
# it will put the generated passwords for Jitsi at the end of the vars.yml file in that directory
|
|
||||||
|
|
||||||
function generatePassword() {
|
function generatePassword() {
|
||||||
openssl rand -hex 16
|
openssl rand -hex 16
|
||||||
}
|
}
|
||||||
|
|
||||||
# helper function to get the matrix domain in the host_vars directory
|
echo "# If this script fails, it's likely because you don't have the openssl tool installed."
|
||||||
function get_domain_dir() {
|
echo "# Install it before using this script, or simply create your own passwords manually."
|
||||||
counter=0
|
|
||||||
|
|
||||||
for f in *; do
|
echo ""
|
||||||
counter=$(( counter + 1 ))
|
|
||||||
if [ ! -d "$f" ]; then
|
|
||||||
echo "Error: could not find directory 'matrix.your.domain'"
|
|
||||||
echo "Did you create it already? Please first setup your matrix homeserver before running this script."
|
|
||||||
echo "You should start here: https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/master/docs/prerequisites.md"
|
|
||||||
exit 1
|
|
||||||
elif [[ "$counter" -gt 1 ]]; then
|
|
||||||
echo "Error: multiple directories found in ../host_vars/. Only one directory like 'matrix.your.domain' expected."
|
|
||||||
echo "Please make sure there is only one directory holding your vars.yml for this ansible playbook."
|
|
||||||
echo "Cannot continue script, exiting."
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
|
|
||||||
# Will not set domain if zero or multiple directories are detected
|
|
||||||
domain=$f
|
|
||||||
done
|
|
||||||
}
|
|
||||||
|
|
||||||
cd ../host_vars
|
|
||||||
get_domain_dir
|
|
||||||
|
|
||||||
JICOFO_COMPONENT_SECRET=$(generatePassword)
|
JICOFO_COMPONENT_SECRET=$(generatePassword)
|
||||||
JICOFO_AUTH_PASSWORD=$(generatePassword)
|
JICOFO_AUTH_PASSWORD=$(generatePassword)
|
||||||
|
@ -41,10 +17,10 @@ JVB_AUTH_PASSWORD=$(generatePassword)
|
||||||
JIBRI_RECORDER_PASSWORD=$(generatePassword)
|
JIBRI_RECORDER_PASSWORD=$(generatePassword)
|
||||||
JIBRI_XMPP_PASSWORD=$(generatePassword)
|
JIBRI_XMPP_PASSWORD=$(generatePassword)
|
||||||
|
|
||||||
echo "" >> ../host_vars/${domain}/vars.yml
|
echo "# Paste these variables into your inventory/host_vars/matrix.DOMAIN/vars.yml file:"
|
||||||
echo "Jitsi passwords generated by inventory/scripts/gen-passwords.sh" >> ../host_vars/${domain}/vars.yml
|
echo ""
|
||||||
echo "matrix_jitsi_jicofo_component_secret: $JICOFO_COMPONENT_SECRET" >> ../host_vars/${domain}/vars.yml
|
echo "matrix_jitsi_jicofo_component_secret: "$JICOFO_COMPONENT_SECRET
|
||||||
echo "matrix_jitsi_jicofo_auth_password: $JICOFO_AUTH_PASSWORD" >> ../host_vars/${domain}/vars.yml
|
echo "matrix_jitsi_jicofo_auth_password: "$JICOFO_AUTH_PASSWORD
|
||||||
echo "matrix_jitsi_jvb_auth_password: $JVB_AUTH_PASSWORD" >> ../host_vars/${domain}/vars.yml
|
echo "matrix_jitsi_jvb_auth_password: "$JVB_AUTH_PASSWORD
|
||||||
echo "matrix_jitsi_jibri_recorder_password: $JIBRI_RECORDER_PASSWORD" >> ../host_vars/${domain}/vars.yml
|
echo "matrix_jitsi_jibri_recorder_password: "$JIBRI_RECORDER_PASSWORD
|
||||||
echo "matrix_jitsi_jibri_xmpp_password: $JIBRI_XMPP_PASSWORD" >> ../host_vars/${domain}/vars.yml
|
echo "matrix_jitsi_jibri_xmpp_password: "$JIBRI_XMPP_PASSWORD
|
||||||
|
|
Loading…
Reference in a new issue